Upload wg config, set postup/down rules, move to destination

2024-11-22 07:30:23 +00:00 · 2021-07-07 23:01:47 +01:00 · 2021-07-07 23:01:47 +01:00 · 225bff59b6
commit 225bff59b6
parent fbe1348e15
1 changed files with 21 additions and 7 deletions
--- a/includes/wireguard.php
+++ b/includes/wireguard.php
@ -10,10 +10,11 @@ function DisplayWireGuardConfig()
 {
    $status = new StatusMessages();
    if (!RASPI_MONITOR_ENABLED) {
-        if (isset($_POST['savewgsettings'])) {
+        $optRules = $_POST['wgRules'];
+        if (isset($_POST['savewgsettings']) && !is_uploaded_file($_FILES["wgFile"]["tmp_name"])) {
            SaveWireGuardConfig($status);
-        } elseif (is_uploaded_file( $_FILES["wgFile"]["tmp_name"])) {
-            SaveWireGuardUpload($status, $_FILES['wgFile']);
+        } elseif (isset($_POST['savewgsettings']) && is_uploaded_file($_FILES["wgFile"]["tmp_name"])) {
+            SaveWireGuardUpload($status, $_FILES['wgFile'], $optRules);
        } elseif (isset($_POST['startwg'])) {
            $status->addMessage('Attempting to start WireGuard', 'info');
            exec('sudo /bin/systemctl start wg-quick@wg0', $return);
@ -63,6 +64,7 @@ function DisplayWireGuardConfig()
            "status",
            "wg_state",
            "serviceStatus",
+            "optRules",
            "wg_log",
            "peer_id",
            "wg_srvpubkey",
@ -87,9 +89,10 @@ function DisplayWireGuardConfig()
 *
 * @param  object $status
 * @param  object $file
+ * @param  boolean $optRules
 * @return object $status
 */
-function SaveWireGuardUpload($status, $file)
+function SaveWireGuardUpload($status, $file, $optRules)
 {
    define('KB', 1024);
    $tmp_destdir = '/tmp/';
@ -114,12 +117,23 @@ function SaveWireGuardUpload($status, $file)
            throw new RuntimeException($results['errors'][0]);
        }

-        // Good file upload, do any post-processing
+        // Valid upload, get file contents
+        $tmp_wgconfig = $results['full_path'];
+        $tmp_contents = file_get_contents($tmp_wgconfig);

        // Set iptables rules
+        if (isset($optRules) && !preg_match('/PostUp|PostDown/m',$tmp_contents)) {
+            $rules[] = 'PostUp = '.getDefaultNetValue('wireguard','server','PostUp');
+            $rules[] = 'PostDown = '.getDefaultNetValue('wireguard','server','PostDown');
+            $rules[] = '';
+            $rules = join(PHP_EOL, $rules);
+            $rules = preg_replace('/wlan0/m', $_SESSION['ap_interface'], $rules);
+            $tmp_contents = preg_replace('/^\s*$/ms', $rules, $tmp_contents, 1);
+            file_put_contents($tmp_wgconfig, $tmp_contents);
+        }

-        // Move uploaded .conf from /tmp to destination
-
+        // Move uploaded file from to destination
+        system("sudo mv $tmp_wgconfig ". RASPI_WIREGUARD_CONFIG, $return);

        if ($return ==0) {
            $status->addMessage('WireGuard configuration uploaded successfully', 'info');